Marco 
							
						 
					 
					
						
						
							
						
						a66312bbcf 
					 
					
						
						
							
							Re-implement internal throttling or rate limiting from scratch  
						
						
						
						
					 
					
						2017-08-19 00:22:21 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						c9a4e28c7b 
					 
					
						
						
							
							Implement methods for re-sending confirmation requests in class 'Auth'  
						
						
						
						
					 
					
						2017-08-07 21:08:06 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						f83ac969d4 
					 
					
						
						
							
							Add class 'ConfirmationRequestNotFound'  
						
						
						
						
					 
					
						2017-08-07 19:36:13 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						e3873f2d15 
					 
					
						
						
							
							Use alternative 'LIMIT' syntax with wider compatibility in SQL query  
						
						
						
						
					 
					
						2017-08-07 18:52:36 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						b7a47fc707 
					 
					
						
						
							
							Extract TTL in seconds of (email) confirmation requests into constant  
						
						
						
						
					 
					
						2017-08-07 18:51:21 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						62c5fab1ad 
					 
					
						
						
							
							Re-implement 'changePassword' method using two existing methods  
						
						... 
						
						
						
						Make use of 'reconfirmPassword' and 'changePasswordWithoutOldPassword' 
						
						
					 
					
						2017-08-04 00:35:50 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						1800525b51 
					 
					
						
						
							
							Implement new method 'changePasswordWithoutOldPassword' in 'Auth'  
						
						
						
						
					 
					
						2017-08-04 00:31:35 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						d5ae78a418 
					 
					
						
						
							
							Hint at related methods for email confirmation where required  
						
						
						
						
					 
					
						2017-07-30 20:53:18 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						e925a73ef8 
					 
					
						
						
							
							Implement method 'changeEmail' in class 'Auth'  
						
						
						
						
					 
					
						2017-07-30 20:51:58 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						39f9b00b45 
					 
					
						
						
							
							Reflect changed email address in same session immediately  
						
						
						
						
					 
					
						2017-07-30 20:24:19 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						af5ce5a0b4 
					 
					
						
						
							
							Allow 'confirmEmail' to be used additionally to change email addresses  
						
						
						
						
					 
					
						2017-07-30 20:04:08 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						15f73567b6 
					 
					
						
						
							
							Update accounts by ID instead of email after confirming email address  
						
						
						
						
					 
					
						2017-07-30 19:59:09 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						90c621aeb0 
					 
					
						
						
							
							Store affected user ID when creating new email confirmation requests  
						
						
						
						
					 
					
						2017-07-30 19:46:45 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						28979925d7 
					 
					
						
						
							
							Let 'Auth' access 'createConfirmationRequest' from 'UserManager'  
						
						
						
						
					 
					
						2017-07-30 19:41:27 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						2247c2781c 
					 
					
						
						
							
							Allow for users to enable or disable password resets on their own  
						
						
						
						
					 
					
						2017-07-30 16:34:29 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						4b6afc7c48 
					 
					
						
						
							
							Fail with exception in 'resetPassword' if password reset is disabled  
						
						
						
						
					 
					
						2017-07-30 16:12:57 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						a3a28af2aa 
					 
					
						
						
							
							Fail with exception in 'forgotPassword' if password reset is disabled  
						
						
						
						
					 
					
						2017-07-30 16:12:10 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						c842fa9792 
					 
					
						
						
							
							Add class 'ResetDisabledException'  
						
						
						
						
					 
					
						2017-07-30 15:48:19 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						838c6edf66 
					 
					
						
						
							
							Implement method 'confirmEmailAndSignIn' in class 'Auth'  
						
						
						
						
					 
					
						2017-07-30 14:19:07 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						ad5784364d 
					 
					
						
						
							
							Return confirmed email address from 'confirmEmail' in class 'Auth'  
						
						
						
						
					 
					
						2017-07-30 14:16:52 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						f56e7e6871 
					 
					
						
						
							
							Implement method 'reconfirmPassword' in class 'Auth'  
						
						
						
						
					 
					
						2017-07-30 00:54:06 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						5274dd5f8e 
					 
					
						
						
							
							Support optional prefix for the names of all database tables  
						
						
						
						
					 
					
						2017-07-30 00:04:48 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						bc44a08b1b 
					 
					
						
						
							
							Allow for roles to be checked for users via 'Administration' class  
						
						
						
						
					 
					
						2017-07-29 20:24:24 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						1a4041ea60 
					 
					
						
						
							
							Allow for roles to be taken away from users via 'Administration' class  
						
						
						
						
					 
					
						2017-07-29 19:06:13 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						f2074e1537 
					 
					
						
						
							
							Allow for roles to be assigned to users via 'Administration' class  
						
						
						
						
					 
					
						2017-07-29 18:55:15 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						8a1140a485 
					 
					
						
						
							
							Add private methods to 'Administration' for modifying users' roles  
						
						
						
						
					 
					
						2017-07-29 18:47:32 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						c25b74d405 
					 
					
						
						
							
							Provide read access to user's roles via 'Auth' interface  
						
						
						
						
					 
					
						2017-07-29 18:19:00 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						2278b86fba 
					 
					
						
						
							
							Read user's roles from database and maintain value in session data  
						
						
						
						
					 
					
						2017-07-29 18:15:17 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						c2ab825354 
					 
					
						
						
							
							Extract class 'Base64' into external library  
						
						
						
						
					 
					
						2017-07-24 21:56:35 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						854bc2b62b 
					 
					
						
						
							
							Swap positions of hyphen and underscore characters in URL-safe Base64  
						
						... 
						
						
						
						This ensures compatibility with RFC 4648 and the example from the
appendix of RFC 7515, aside from the padding character that is used. 
						
						
					 
					
						2017-07-23 23:18:28 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						01a52b76bc 
					 
					
						
						
							
							Switch characters in URL-safe Base64 to use tilde (~) for padding  
						
						... 
						
						
						
						The tilde character is less familiar to most users and harder to type
on most keyboards (compared to the hyphen and underscore characters). 
						
						
					 
					
						2017-07-23 22:56:28 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						ad88c1c6ab 
					 
					
						
						
							
							Use tilde character (~) instead of dot (.) for URL-safe Base64 coding  
						
						... 
						
						
						
						The dot character is excluded from auto-linking in most email clients
and is ambiguous in all other contexts when occurring at the end of a
URL. The tilde character, being the only unreserved character for use
in URLs that remains, as per RFC 3986, is thus a good alternative. 
						
						
					 
					
						2017-07-23 22:16:13 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						449e1c69ee 
					 
					
						
						
							
							Remove obsolete 'pre-check' and 'post-check' for 'Cache-Control'  
						
						
						
						
					 
					
						2017-07-21 06:20:30 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						63734fc5ee 
					 
					
						
						
							
							Add 'Role' class with constants for individual roles or groups  
						
						
						
						
					 
					
						2017-07-10 20:59:45 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						0909291cf1 
					 
					
						
						
							
							Support multi-factor authentication via 'onBeforeSuccess' callback  
						
						
						
						
					 
					
						2017-07-02 23:12:36 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						6aa3f58059 
					 
					
						
						
							
							Add 'AttemptCancelledException'  
						
						
						
						
					 
					
						2017-07-02 22:17:43 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						47afa1c411 
					 
					
						
						
							
							Remove enforcement of hard dependency on 'mysqlnd' in code  
						
						
						
						
					 
					
						2017-06-20 02:19:46 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						ee485f99ab 
					 
					
						
						
							
							Ensure compatibility with SQLite which does not cast to native types  
						
						
						
						
					 
					
						2017-06-12 20:29:58 +02:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						04a2e8ef4e 
					 
					
						
						
							
							Throw error if 'libmysqlclient' driver is used instead of 'mysqlnd'  
						
						
						
						
					 
					
						2017-03-18 22:21:23 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						59505479a5 
					 
					
						
						
							
							Add class 'WrongMysqlDatabaseDriverError'  
						
						
						
						
					 
					
						2017-03-18 22:13:28 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						fdcfd6f78c 
					 
					
						
						
							
							Add class 'DatabaseDriverError'  
						
						
						
						
					 
					
						2017-03-18 22:12:49 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						93477e4e7e 
					 
					
						
						
							
							Add shorthands for 'getStatus' in 'Auth' class  
						
						
						
						
					 
					
						2017-02-26 13:45:00 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						d59ac83d13 
					 
					
						
						
							
							Refactor array definition in 'authenticateUserInternal'  
						
						
						
						
					 
					
						2017-02-26 13:13:37 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						9a0036b8a8 
					 
					
						
						
							
							Add 'Status' class with constants  
						
						
						
						
					 
					
						2017-02-26 13:05:37 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						a05d277a2c 
					 
					
						
						
							
							Read status from 'users' table and provide read access in session  
						
						
						
						
					 
					
						2017-02-26 13:03:52 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						2317423550 
					 
					
						
						
							
							Explain that constructor of 'Administration' is for internal use only  
						
						
						
						
					 
					
						2017-02-25 18:40:49 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						26ca48c3b9 
					 
					
						
						
							
							Improve language  
						
						
						
						
					 
					
						2017-02-25 18:07:02 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						9ec74b3b2d 
					 
					
						
						
							
							Deprecate boolean format for parameter 'rememberDuration' with login  
						
						
						
						
					 
					
						2017-02-25 18:06:07 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						9c60acec0d 
					 
					
						
						
							
							Improve code style  
						
						
						
						
					 
					
						2017-02-25 17:58:29 +01:00 
						 
				 
			
				
					
						
							
							
								Marco 
							
						 
					 
					
						
						
							
						
						81bdd79906 
					 
					
						
						
							
							Add method 'deleteUserById' and similar methods for email and username  
						
						
						
						
					 
					
						2017-02-25 17:32:35 +01:00